[gentoo-portage-dev] [PATCH] Support PROPERTIES="live".

[gentoo-portage-dev] [PATCH] Support PROPERTIES="live".

[Ulrich Müller]

[-- Attachment #1: Type: text/plain, Size: 4243 bytes --]

Bug: https://bugs.gentoo.org/233589
Signed-off-by: Ulrich Müller <ulm@gentoo.org>
---
 cnf/sets/portage.conf                             |  8 +++++++-
 lib/_emerge/EbuildExecuter.py                     |  4 ++--
 lib/portage/_sets/__init__.py                     | 12 +++++++++---
 repoman/lib/repoman/modules/scan/ebuild/ebuild.py |  3 +--
 4 files changed, 19 insertions(+), 8 deletions(-)

diff --git a/cnf/sets/portage.conf b/cnf/sets/portage.conf
index ac282d911..ed4c6d9a7 100644
--- a/cnf/sets/portage.conf
+++ b/cnf/sets/portage.conf
@@ -55,9 +55,15 @@ world-candidate = True
 [preserved-rebuild]
 class = portage.sets.libs.PreservedLibraryConsumerSet
 
-# Installed ebuilds that inherit from known live eclasses.
+# Installed ebuilds with "live" property.
 [live-rebuild]
 class = portage.sets.dbapi.VariableSet
+variable = PROPERTIES
+includes = live
+
+# Installed ebuilds that inherit from known live eclasses.
+[deprecated-live-rebuild]
+class = portage.sets.dbapi.VariableSet
 variable = INHERITED
 includes = bzr cvs darcs git git-2 git-r3 golang-vcs mercurial subversion tla
 
diff --git a/lib/_emerge/EbuildExecuter.py b/lib/_emerge/EbuildExecuter.py
index d387b42be..ca9859437 100644
--- a/lib/_emerge/EbuildExecuter.py
+++ b/lib/_emerge/EbuildExecuter.py
@@ -1,4 +1,4 @@
-# Copyright 1999-2018 Gentoo Foundation
+# Copyright 1999-2019 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
 from _emerge.EbuildPhase import EbuildPhase
@@ -49,7 +49,7 @@ class EbuildExecuter(CompositeTask):
 			phase="unpack", scheduler=self.scheduler,
 			settings=self.settings)
 
-		if self._live_eclasses.intersection(self.pkg.inherited):
+		if "live" in self.settings.get("PROPERTIES", "").split():
 			# Serialize $DISTDIR access for live ebuilds since
 			# otherwise they can interfere with eachother.
 
diff --git a/lib/portage/_sets/__init__.py b/lib/portage/_sets/__init__.py
index 2c9bf9715..7b81c55e2 100644
--- a/lib/portage/_sets/__init__.py
+++ b/lib/portage/_sets/__init__.py
@@ -1,4 +1,4 @@
-# Copyright 2007-2014 Gentoo Foundation
+# Copyright 2007-2019 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
 from __future__ import print_function
@@ -121,8 +121,14 @@ class SetConfig(object):
 		parser.remove_section("live-rebuild")
 		parser.add_section("live-rebuild")
 		parser.set("live-rebuild", "class", "portage.sets.dbapi.VariableSet")
-		parser.set("live-rebuild", "variable", "INHERITED")
-		parser.set("live-rebuild", "includes", " ".join(sorted(portage.const.LIVE_ECLASSES)))
+		parser.set("live-rebuild", "variable", "PROPERTIES")
+		parser.set("live-rebuild", "includes", "live")
+
+		parser.remove_section("deprecated-live-rebuild")
+		parser.add_section("deprecated-live-rebuild")
+		parser.set("deprecated-live-rebuild", "class", "portage.sets.dbapi.VariableSet")
+		parser.set("deprecated-live-rebuild", "variable", "INHERITED")
+		parser.set("deprecated-live-rebuild", "includes", " ".join(sorted(portage.const.LIVE_ECLASSES)))
 
 		parser.remove_section("module-rebuild")
 		parser.add_section("module-rebuild")
diff --git a/repoman/lib/repoman/modules/scan/ebuild/ebuild.py b/repoman/lib/repoman/modules/scan/ebuild/ebuild.py
index d2715bc6e..70011e387 100644
--- a/repoman/lib/repoman/modules/scan/ebuild/ebuild.py
+++ b/repoman/lib/repoman/modules/scan/ebuild/ebuild.py
@@ -12,7 +12,6 @@ from repoman.modules.scan.scanbase import ScanBase
 # import our initialized portage instance
 from repoman._portage import portage
 from portage import os
-from portage.const import LIVE_ECLASSES
 from portage.exception import InvalidPackageName
 
 pv_toolong_re = re.compile(r'[0-9]{19,}')
@@ -110,7 +109,7 @@ class Ebuild(ScanBase):
 		self.metadata = self.pkg._metadata
 		self.eapi = self.metadata["EAPI"]
 		self.inherited = self.pkg.inherited
-		self.live_ebuild = LIVE_ECLASSES.intersection(self.inherited)
+		self.live_ebuild = "live" in self.metadata["PROPERTIES"].split()
 		self.keywords = self.metadata["KEYWORDS"].split()
 		self.archs = set(kw.lstrip("~") for kw in self.keywords if not kw.startswith("-"))
 		return False
-- 
2.22.0

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 487 bytes --]

[gentoo-portage-dev] [PATCH] Drop removed git and tla from list of live eclasses.

[Ulrich Müller]

[-- Attachment #1: Type: text/plain, Size: 1307 bytes --]

Signed-off-by: Ulrich Müller <ulm@gentoo.org>
---
 cnf/sets/portage.conf | 2 +-
 lib/portage/const.py  | 4 +---
 2 files changed, 2 insertions(+), 4 deletions(-)

diff --git a/cnf/sets/portage.conf b/cnf/sets/portage.conf
index ed4c6d9a7..38c50a647 100644
--- a/cnf/sets/portage.conf
+++ b/cnf/sets/portage.conf
@@ -65,7 +65,7 @@ includes = live
 [deprecated-live-rebuild]
 class = portage.sets.dbapi.VariableSet
 variable = INHERITED
-includes = bzr cvs darcs git git-2 git-r3 golang-vcs mercurial subversion tla
+includes = bzr cvs darcs git-2 git-r3 golang-vcs mercurial subversion
 
 # Installed packages that own files inside /lib/modules.
 [module-rebuild]
diff --git a/lib/portage/const.py b/lib/portage/const.py
index edbfb9f17..0ed64a742 100644
--- a/lib/portage/const.py
+++ b/lib/portage/const.py
@@ -1,5 +1,5 @@
 # portage: Constants
-# Copyright 1998-2018 Gentoo Authors
+# Copyright 1998-2019 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
 from __future__ import unicode_literals
@@ -240,13 +240,11 @@ LIVE_ECLASSES = frozenset([
 	"bzr",
 	"cvs",
 	"darcs",
-	"git",
 	"git-2",
 	"git-r3",
 	"golang-vcs",
 	"mercurial",
 	"subversion",
-	"tla",
 ])
 
 SUPPORTED_BINPKG_FORMATS = ("tar", "rpm")
-- 
2.22.0

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 487 bytes --]

Re: [gentoo-portage-dev] [PATCH] Drop removed git and tla from list of live eclasses.

[Zac Medico]

[-- Attachment #1.1: Type: text/plain, Size: 1479 bytes --]

On 7/26/19 2:28 AM, Ulrich Müller wrote:
> Signed-off-by: Ulrich Müller <ulm@gentoo.org>
> ---
>  cnf/sets/portage.conf | 2 +-
>  lib/portage/const.py  | 4 +---
>  2 files changed, 2 insertions(+), 4 deletions(-)
> 
> diff --git a/cnf/sets/portage.conf b/cnf/sets/portage.conf
> index ed4c6d9a7..38c50a647 100644
> --- a/cnf/sets/portage.conf
> +++ b/cnf/sets/portage.conf
> @@ -65,7 +65,7 @@ includes = live
>  [deprecated-live-rebuild]
>  class = portage.sets.dbapi.VariableSet
>  variable = INHERITED
> -includes = bzr cvs darcs git git-2 git-r3 golang-vcs mercurial subversion tla
> +includes = bzr cvs darcs git-2 git-r3 golang-vcs mercurial subversion
>  
>  # Installed packages that own files inside /lib/modules.
>  [module-rebuild]
> diff --git a/lib/portage/const.py b/lib/portage/const.py
> index edbfb9f17..0ed64a742 100644
> --- a/lib/portage/const.py
> +++ b/lib/portage/const.py
> @@ -1,5 +1,5 @@
>  # portage: Constants
> -# Copyright 1998-2018 Gentoo Authors
> +# Copyright 1998-2019 Gentoo Authors
>  # Distributed under the terms of the GNU General Public License v2
>  
>  from __future__ import unicode_literals
> @@ -240,13 +240,11 @@ LIVE_ECLASSES = frozenset([
>  	"bzr",
>  	"cvs",
>  	"darcs",
> -	"git",
>  	"git-2",
>  	"git-r3",
>  	"golang-vcs",
>  	"mercurial",
>  	"subversion",
> -	"tla",
>  ])
>  
>  SUPPORTED_BINPKG_FORMATS = ("tar", "rpm")
> 

Looks good. Please merge.
-- 
Thanks,
Zac


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 981 bytes --]

Re: [gentoo-portage-dev] [PATCH] Support PROPERTIES="live".

[Zac Medico]

[-- Attachment #1.1: Type: text/plain, Size: 510 bytes --]

On 7/26/19 1:51 AM, Ulrich Müller wrote:
> Bug: https://bugs.gentoo.org/233589
> Signed-off-by: Ulrich Müller <ulm@gentoo.org>
> ---
>  cnf/sets/portage.conf                             |  8 +++++++-
>  lib/_emerge/EbuildExecuter.py                     |  4 ++--
>  lib/portage/_sets/__init__.py                     | 12 +++++++++---
>  repoman/lib/repoman/modules/scan/ebuild/ebuild.py |  3 +--
>  4 files changed, 19 insertions(+), 8 deletions(-)

Looks good. Please merge.
-- 
Thanks,
Zac


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 981 bytes --]

Re: [gentoo-portage-dev] [PATCH] Support PROPERTIES="live".

[Ulrich Mueller]

[-- Attachment #1: Type: text/plain, Size: 144 bytes --]

>>>>> On Fri, 26 Jul 2019, Zac Medico wrote:

> Looks good. Please merge.

Will do, as soon as the live eclasses set PROPERTIES="live".

Ulrich

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 487 bytes --]

Re: [gentoo-portage-dev] [PATCH] Support PROPERTIES="live".

[Michał Górny]

[-- Attachment #1: Type: text/plain, Size: 4648 bytes --]

On Fri, 2019-07-26 at 10:51 +0200, Ulrich Müller wrote:
> Bug: https://bugs.gentoo.org/233589
> Signed-off-by: Ulrich Müller <ulm@gentoo.org>
> ---
>  cnf/sets/portage.conf                             |  8 +++++++-
>  lib/_emerge/EbuildExecuter.py                     |  4 ++--
>  lib/portage/_sets/__init__.py                     | 12 +++++++++---
>  repoman/lib/repoman/modules/scan/ebuild/ebuild.py |  3 +--
>  4 files changed, 19 insertions(+), 8 deletions(-)
> 
> diff --git a/cnf/sets/portage.conf b/cnf/sets/portage.conf
> index ac282d911..ed4c6d9a7 100644
> --- a/cnf/sets/portage.conf
> +++ b/cnf/sets/portage.conf
> @@ -55,9 +55,15 @@ world-candidate = True
>  [preserved-rebuild]
>  class = portage.sets.libs.PreservedLibraryConsumerSet
>  
> -# Installed ebuilds that inherit from known live eclasses.
> +# Installed ebuilds with "live" property.
>  [live-rebuild]
>  class = portage.sets.dbapi.VariableSet
> +variable = PROPERTIES
> +includes = live
> +
> +# Installed ebuilds that inherit from known live eclasses.
> +[deprecated-live-rebuild]
> +class = portage.sets.dbapi.VariableSet
>  variable = INHERITED
>  includes = bzr cvs darcs git git-2 git-r3 golang-vcs mercurial subversion tla
>  
> diff --git a/lib/_emerge/EbuildExecuter.py b/lib/_emerge/EbuildExecuter.py
> index d387b42be..ca9859437 100644
> --- a/lib/_emerge/EbuildExecuter.py
> +++ b/lib/_emerge/EbuildExecuter.py
> @@ -1,4 +1,4 @@
> -# Copyright 1999-2018 Gentoo Foundation
> +# Copyright 1999-2019 Gentoo Authors
>  # Distributed under the terms of the GNU General Public License v2
>  
>  from _emerge.EbuildPhase import EbuildPhase
> @@ -49,7 +49,7 @@ class EbuildExecuter(CompositeTask):
>  			phase="unpack", scheduler=self.scheduler,
>  			settings=self.settings)
>  
> -		if self._live_eclasses.intersection(self.pkg.inherited):
> +		if "live" in self.settings.get("PROPERTIES", "").split():
>  			# Serialize $DISTDIR access for live ebuilds since
>  			# otherwise they can interfere with eachother.
>  
> diff --git a/lib/portage/_sets/__init__.py b/lib/portage/_sets/__init__.py
> index 2c9bf9715..7b81c55e2 100644
> --- a/lib/portage/_sets/__init__.py
> +++ b/lib/portage/_sets/__init__.py
> @@ -1,4 +1,4 @@
> -# Copyright 2007-2014 Gentoo Foundation
> +# Copyright 2007-2019 Gentoo Authors
>  # Distributed under the terms of the GNU General Public License v2
>  
>  from __future__ import print_function
> @@ -121,8 +121,14 @@ class SetConfig(object):
>  		parser.remove_section("live-rebuild")
>  		parser.add_section("live-rebuild")
>  		parser.set("live-rebuild", "class", "portage.sets.dbapi.VariableSet")
> -		parser.set("live-rebuild", "variable", "INHERITED")
> -		parser.set("live-rebuild", "includes", " ".join(sorted(portage.const.LIVE_ECLASSES)))
> +		parser.set("live-rebuild", "variable", "PROPERTIES")
> +		parser.set("live-rebuild", "includes", "live")
> +
> +		parser.remove_section("deprecated-live-rebuild")
> +		parser.add_section("deprecated-live-rebuild")
> +		parser.set("deprecated-live-rebuild", "class", "portage.sets.dbapi.VariableSet")
> +		parser.set("deprecated-live-rebuild", "variable", "INHERITED")
> +		parser.set("deprecated-live-rebuild", "includes", " ".join(sorted(portage.const.LIVE_ECLASSES)))
>  
>  		parser.remove_section("module-rebuild")
>  		parser.add_section("module-rebuild")
> diff --git a/repoman/lib/repoman/modules/scan/ebuild/ebuild.py b/repoman/lib/repoman/modules/scan/ebuild/ebuild.py
> index d2715bc6e..70011e387 100644
> --- a/repoman/lib/repoman/modules/scan/ebuild/ebuild.py
> +++ b/repoman/lib/repoman/modules/scan/ebuild/ebuild.py
> @@ -12,7 +12,6 @@ from repoman.modules.scan.scanbase import ScanBase
>  # import our initialized portage instance
>  from repoman._portage import portage
>  from portage import os
> -from portage.const import LIVE_ECLASSES
>  from portage.exception import InvalidPackageName
>  
>  pv_toolong_re = re.compile(r'[0-9]{19,}')
> @@ -110,7 +109,7 @@ class Ebuild(ScanBase):
>  		self.metadata = self.pkg._metadata
>  		self.eapi = self.metadata["EAPI"]
>  		self.inherited = self.pkg.inherited
> -		self.live_ebuild = LIVE_ECLASSES.intersection(self.inherited)
> +		self.live_ebuild = "live" in self.metadata["PROPERTIES"].split()
>  		self.keywords = self.metadata["KEYWORDS"].split()
>  		self.archs = set(kw.lstrip("~") for kw in self.keywords if not kw.startswith("-"))
>  		return False

While at it, could you look into making src_unpack() network-sandbox
override apply only to ebuilds with PROPERTIES=live?

-- 
Best regards,
Michał Górny


[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 618 bytes --]

Re: [gentoo-portage-dev] [PATCH] Support PROPERTIES="live".

[Zac Medico]

[-- Attachment #1.1: Type: text/plain, Size: 436 bytes --]

On 7/26/19 3:45 PM, Michał Górny wrote:
> While at it, could you look into making src_unpack() network-sandbox
> override apply only to ebuilds with PROPERTIES=live?

There could be another subset of packages that aren't quite "live" but
they need to fetch something that's immutable which can't be fetched via
a protocol supported by SRC_URI. Maybe call it
PROPERTIES="src-fetch-immutable" or something.
-- 
Thanks,
Zac


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 981 bytes --]

Re: [gentoo-portage-dev] [PATCH] Support PROPERTIES="live".

[Michał Górny]

[-- Attachment #1: Type: text/plain, Size: 764 bytes --]

On Sun, 2019-07-28 at 17:21 -0700, Zac Medico wrote:
> On 7/26/19 3:45 PM, Michał Górny wrote:
> > While at it, could you look into making src_unpack() network-sandbox
> > override apply only to ebuilds with PROPERTIES=live?
> 
> There could be another subset of packages that aren't quite "live" but
> they need to fetch something that's immutable which can't be fetched via
> a protocol supported by SRC_URI. Maybe call it
> PROPERTIES="src-fetch-immutable" or something.

Could you name one of those packages, and explain how are they not
'live' if they skip checksum verification?  I'm really against adding
hundreds of weird-named items for the sake of potential use cases
without a real benefit to it.

-- 
Best regards,
Michał Górny


[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 618 bytes --]

Re: [gentoo-portage-dev] [PATCH] Support PROPERTIES="live".

[Ulrich Mueller]

[-- Attachment #1: Type: text/plain, Size: 615 bytes --]

>>>>> On Mon, 29 Jul 2019, Michał Górny wrote:

> On Sun, 2019-07-28 at 17:21 -0700, Zac Medico wrote:
>> There could be another subset of packages that aren't quite "live" but
>> they need to fetch something that's immutable which can't be fetched via
>> a protocol supported by SRC_URI. Maybe call it
>> PROPERTIES="src-fetch-immutable" or something.

> Could you name one of those packages, and explain how are they not
> 'live' if they skip checksum verification?  I'm really against adding
> hundreds of weird-named items for the sake of potential use cases
> without a real benefit to it.

+1

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 487 bytes --]

Re: [gentoo-portage-dev] [PATCH] Support PROPERTIES="live".

[Zac Medico]

[-- Attachment #1.1: Type: text/plain, Size: 1310 bytes --]

On 7/28/19 9:31 PM, Michał Górny wrote:
> On Sun, 2019-07-28 at 17:21 -0700, Zac Medico wrote:
>> On 7/26/19 3:45 PM, Michał Górny wrote:
>>> While at it, could you look into making src_unpack() network-sandbox
>>> override apply only to ebuilds with PROPERTIES=live?
>>
>> There could be another subset of packages that aren't quite "live" but
>> they need to fetch something that's immutable which can't be fetched via
>> a protocol supported by SRC_URI. Maybe call it
>> PROPERTIES="src-fetch-immutable" or something.
> 
> Could you name one of those packages, and explain how are they not
> 'live' if they skip checksum verification?  I'm really against adding
> hundreds of weird-named items for the sake of potential use cases
> without a real benefit to it.

I don't have any particular package in mind, but it would apply to
anything that uses git-r3.eclass with a constant EGIT_COMMIT value, or
uses cros-workon.eclass with a constant CROS_WORKON_COMMIT value:

https://chromium.googlesource.com/chromiumos/overlays/chromiumos-overlay/+/refs/heads/master/eclass/cros-workon.eclass

Anyway, since RESTRICT=network-sandbox and PROPERTIES=live are
available, I suppose it's pretty safe to wait and see if there's demand
for a different PROPERTIES value.
-- 
Thanks,
Zac


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 981 bytes --]

Re: [gentoo-portage-dev] [PATCH] Support PROPERTIES="live".

[Ulrich Mueller]

[-- Attachment #1: Type: text/plain, Size: 1582 bytes --]

>>>>> On Sat, 27 Jul 2019, Michał Górny wrote:

> While at it, could you look into making src_unpack() network-sandbox
> override apply only to ebuilds with PROPERTIES=live?

I believe the patch included below would do that.

Ulrich


From f4ebd25a04d5eb64504724b711b41141723afcd4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ulrich=20M=C3=BCller?= <ulm@gentoo.org>
Date: Mon, 29 Jul 2019 14:22:57 +0200
Subject: [PATCH] doebuild.py: Override network-sandbox only for live ebuilds.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Suggested-by: Michał Górny <mgorny@gentoo.org>
Signed-off-by: Ulrich Müller <ulm@gentoo.org>
---
 lib/portage/package/ebuild/doebuild.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/lib/portage/package/ebuild/doebuild.py b/lib/portage/package/ebuild/doebuild.py
index 67867d33e..cab838ead 100644
--- a/lib/portage/package/ebuild/doebuild.py
+++ b/lib/portage/package/ebuild/doebuild.py
@@ -156,7 +156,8 @@ def _doebuild_spawn(phase, settings, actionmap=None, **kwargs):
 		phase in _ipc_phases
 	kwargs['mountns'] = 'mount-sandbox' in settings.features
 	kwargs['networked'] = 'network-sandbox' not in settings.features or \
-		phase in _networked_phases or \
+		(phase in _networked_phases and \
+		'live' in settings.configdict['pkg'].get('PROPERTIES', '').split()) or \
 		'network-sandbox' in settings['PORTAGE_RESTRICT'].split()
 	kwargs['pidns'] = ('pid-sandbox' in settings.features and
 		phase not in _global_pid_phases)
-- 
2.22.0


[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 487 bytes --]

Re: [gentoo-portage-dev] [PATCH] Support PROPERTIES="live".

[Zac Medico]

[-- Attachment #1.1: Type: text/plain, Size: 1827 bytes --]

On 7/29/19 5:39 AM, Ulrich Mueller wrote:
>>>>>> On Sat, 27 Jul 2019, Michał Górny wrote:
> 
>> While at it, could you look into making src_unpack() network-sandbox
>> override apply only to ebuilds with PROPERTIES=live?
> 
> I believe the patch included below would do that.
> 
> Ulrich
> 
> 
> From f4ebd25a04d5eb64504724b711b41141723afcd4 Mon Sep 17 00:00:00 2001
> From: =?UTF-8?q?Ulrich=20M=C3=BCller?= <ulm@gentoo.org>
> Date: Mon, 29 Jul 2019 14:22:57 +0200
> Subject: [PATCH] doebuild.py: Override network-sandbox only for live ebuilds.
> MIME-Version: 1.0
> Content-Type: text/plain; charset=UTF-8
> Content-Transfer-Encoding: 8bit
> 
> Suggested-by: Michał Górny <mgorny@gentoo.org>
> Signed-off-by: Ulrich Müller <ulm@gentoo.org>
> ---
>  lib/portage/package/ebuild/doebuild.py | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
> 
> diff --git a/lib/portage/package/ebuild/doebuild.py b/lib/portage/package/ebuild/doebuild.py
> index 67867d33e..cab838ead 100644
> --- a/lib/portage/package/ebuild/doebuild.py
> +++ b/lib/portage/package/ebuild/doebuild.py
> @@ -156,7 +156,8 @@ def _doebuild_spawn(phase, settings, actionmap=None, **kwargs):
>  		phase in _ipc_phases
>  	kwargs['mountns'] = 'mount-sandbox' in settings.features
>  	kwargs['networked'] = 'network-sandbox' not in settings.features or \
> -		phase in _networked_phases or \
> +		(phase in _networked_phases and \
> +		'live' in settings.configdict['pkg'].get('PROPERTIES', '').split()) or \
>  		'network-sandbox' in settings['PORTAGE_RESTRICT'].split()
>  	kwargs['pidns'] = ('pid-sandbox' in settings.features and
>  		phase not in _global_pid_phases)
> 

This will enable network-sandbox for all of _networked_phases, but
Michał only suggested to do it for src_unpack.
-- 
Thanks,
Zac


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 981 bytes --]

[gentoo-portage-dev] [PATCH v2] doebuild.py: Override network-sandbox in unpack only for live ebuilds (was: Re: [PATCH] Support PROPERTIES="live")

[Ulrich Mueller]

[-- Attachment #1: Type: text/plain, Size: 1976 bytes --]

>>>>> On Mon, 29 Jul 2019, Zac Medico wrote:

> This will enable network-sandbox for all of _networked_phases, but
> Michał only suggested to do it for src_unpack.

Right. Patch v2 below.


From 6e929fac0a3f5f0bcfe85152c0931cb20d579881 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ulrich=20M=C3=BCller?= <ulm@gentoo.org>
Date: Mon, 29 Jul 2019 14:22:57 +0200
Subject: [PATCH] doebuild.py: Override network-sandbox in unpack only for live
 ebuilds.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Suggested-by: Michał Górny <mgorny@gentoo.org>
Signed-off-by: Ulrich Müller <ulm@gentoo.org>
---
 lib/portage/package/ebuild/doebuild.py | 11 +++--------
 1 file changed, 3 insertions(+), 8 deletions(-)

diff --git a/lib/portage/package/ebuild/doebuild.py b/lib/portage/package/ebuild/doebuild.py
index 67867d33e..6f980f87d 100644
--- a/lib/portage/package/ebuild/doebuild.py
+++ b/lib/portage/package/ebuild/doebuild.py
@@ -115,13 +115,6 @@ _ipc_phases = frozenset([
 _global_pid_phases = frozenset([
 	'config', 'depend', 'preinst', 'prerm', 'postinst', 'postrm'])
 
-# phases in which networking access is allowed
-_networked_phases = frozenset([
-	# for VCS fetching
-	"unpack",
-	# + for network-bound IPC
-] + list(_ipc_phases))
-
 _phase_func_map = {
 	"config": "pkg_config",
 	"setup": "pkg_setup",
@@ -156,7 +149,9 @@ def _doebuild_spawn(phase, settings, actionmap=None, **kwargs):
 		phase in _ipc_phases
 	kwargs['mountns'] = 'mount-sandbox' in settings.features
 	kwargs['networked'] = 'network-sandbox' not in settings.features or \
-		phase in _networked_phases or \
+		(phase == 'unpack' and \
+		'live' in settings.configdict['pkg'].get('PROPERTIES', '').split()) or \
+		phase in _ipc_phases or \
 		'network-sandbox' in settings['PORTAGE_RESTRICT'].split()
 	kwargs['pidns'] = ('pid-sandbox' in settings.features and
 		phase not in _global_pid_phases)
-- 
2.22.0

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 487 bytes --]

[gentoo-portage-dev] Re: [PATCH v2] doebuild.py: Override network-sandbox in unpack only for live ebuilds (was: Re: [PATCH] Support PROPERTIES="live")

[Zac Medico]

[-- Attachment #1.1: Type: text/plain, Size: 2161 bytes --]

On 7/29/19 3:28 PM, Ulrich Mueller wrote:
>>>>>> On Mon, 29 Jul 2019, Zac Medico wrote:
> 
>> This will enable network-sandbox for all of _networked_phases, but
>> Michał only suggested to do it for src_unpack.
> 
> Right. Patch v2 below.
> 
> 
> From 6e929fac0a3f5f0bcfe85152c0931cb20d579881 Mon Sep 17 00:00:00 2001
> From: =?UTF-8?q?Ulrich=20M=C3=BCller?= <ulm@gentoo.org>
> Date: Mon, 29 Jul 2019 14:22:57 +0200
> Subject: [PATCH] doebuild.py: Override network-sandbox in unpack only for live
>  ebuilds.
> MIME-Version: 1.0
> Content-Type: text/plain; charset=UTF-8
> Content-Transfer-Encoding: 8bit
> 
> Suggested-by: Michał Górny <mgorny@gentoo.org>
> Signed-off-by: Ulrich Müller <ulm@gentoo.org>
> ---
>  lib/portage/package/ebuild/doebuild.py | 11 +++--------
>  1 file changed, 3 insertions(+), 8 deletions(-)
> 
> diff --git a/lib/portage/package/ebuild/doebuild.py b/lib/portage/package/ebuild/doebuild.py
> index 67867d33e..6f980f87d 100644
> --- a/lib/portage/package/ebuild/doebuild.py
> +++ b/lib/portage/package/ebuild/doebuild.py
> @@ -115,13 +115,6 @@ _ipc_phases = frozenset([
>  _global_pid_phases = frozenset([
>  	'config', 'depend', 'preinst', 'prerm', 'postinst', 'postrm'])
>  
> -# phases in which networking access is allowed
> -_networked_phases = frozenset([
> -	# for VCS fetching
> -	"unpack",
> -	# + for network-bound IPC
> -] + list(_ipc_phases))
> -
>  _phase_func_map = {
>  	"config": "pkg_config",
>  	"setup": "pkg_setup",
> @@ -156,7 +149,9 @@ def _doebuild_spawn(phase, settings, actionmap=None, **kwargs):
>  		phase in _ipc_phases
>  	kwargs['mountns'] = 'mount-sandbox' in settings.features
>  	kwargs['networked'] = 'network-sandbox' not in settings.features or \
> -		phase in _networked_phases or \
> +		(phase == 'unpack' and \
> +		'live' in settings.configdict['pkg'].get('PROPERTIES', '').split()) or \
> +		phase in _ipc_phases or \
>  		'network-sandbox' in settings['PORTAGE_RESTRICT'].split()
>  	kwargs['pidns'] = ('pid-sandbox' in settings.features and
>  		phase not in _global_pid_phases)
> 

Looks good. Please merge.
-- 
Thanks,
Zac


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 981 bytes --]